Privacy Policy

Data Controller

SalesGuard is the data controller for the personal data we collect and process.

Contact Details

Email: support@salesguardapp.com

ICO Registration

We are registered with the UK Information Commissioner's Office (ICO) as a data controller.

Our Role

For call transcripts and CRM data you create, we are joint data controllers with you. You decide what calls to transcribe and what data to input; we determine how to process and store that data.

Account Information

• Email address
• Password (encrypted)
• Account creation date
• Subscription status

Call Transcription Data

• Text transcripts of calls you record (not audio files)
• Participant counts (number of people in meeting, not names or identities)
• Timestamps of when calls occurred
• Meeting codes from URLs

Email Processing Data

• Email content you manually paste into SalesGuard
• Extracted contact names, companies, job titles, email addresses
• Deal information extracted from emails
• Email subject lines and dates

CRM Data You Create

• Contact names, companies, email addresses, phone numbers
• Deal information (values, close dates, stages, notes)
• Tasks and calendar events you create
• Notes and intelligence you add

Payment Information

• Processed by Stripe (we do not store credit card details)
• Billing history and subscription status
• Payment method type (not full card number)

Technical Data

• IP address (for security and fraud prevention)
• Browser type and version
• Device type and operating system
• Login timestamps
• Error logs (technical information only, not personal data or call content)

What We Do NOT Collect

• Audio recordings (audio is immediately deleted after transcription)
• Participant names or identities from calls (only participant counts)
• Email attachments
• Data from your email account (you manually paste emails)
• Sensitive personal data (health, race, religion, etc.) unless you choose to include it in notes

Provide the Service

• Transcribe your calls in real-time
• Extract CRM data from transcripts and emails using AI
• Store and manage your contacts, deals, and pipeline
• Sync your data across devices

Account Management

• Create and manage your account
• Authenticate your login
• Process your subscription payments
• Communicate about your account or service issues

Service Improvement

• Fix bugs and improve performance
• Analyze aggregated usage patterns (anonymized, not linked to individuals)
• Develop new features

Legal Compliance

• Comply with legal obligations
• Prevent fraud and abuse
• Respond to law enforcement requests when legally required

Customer Support

• Respond to your support requests
• Troubleshoot technical issues

Contract Performance (Article 6(1)(b))

We need to process your data to provide the SalesGuard service you've subscribed to. This includes call transcription, AI extraction, CRM storage, and account management.

Consent (Article 6(1)(a))

• You consent to call transcription when you click “Start Transcribing” and acknowledge the consent modal
• You consent to email processing when you paste emails and acknowledge the consent modal
• You consent to immediate access and waive 14-day refund rights at checkout

Legitimate Interests (Article 6(1)(f))

• Fraud prevention and security
• Service improvement and bug fixes
• Aggregated analytics (anonymized)

Legal Obligation (Article 6(1)(c))

• Compliance with tax and financial regulations
• Response to lawful requests from authorities

Third-Party Service Providers

We share data with trusted service providers who help us operate SalesGuard. See Section 6 for full details.

Legal Requirements

We may disclose data if required by law, court order, or legal process, or to protect our rights, property, or safety.

Business Transfers

If SalesGuard is acquired or merged with another company, your data may be transferred to the new owner. You will be notified of any such change.

With Your Consent

We may share data with third parties if you explicitly consent to such sharing.

Data Processing Agreements

All third-party processors have standard Data Processing Agreements (DPAs) that comply with UK GDPR requirements. These are incorporated into their terms of service.

How Call Transcription Works

When you transcribe a call:

1. Audio from your microphone is captured in real-time
2. Audio is streamed directly to Deepgram for transcription
3. Deepgram converts audio to text and returns the transcript
4. Audio is immediately deleted - neither Deepgram nor SalesGuard save audio files
5. Only text transcripts are stored in your SalesGuard account

What We Store

• Text transcripts of your calls
• Participant counts (number of participants, not names or identities)
• Timestamps of when calls occurred
• Meeting codes from URLs

What We Do NOT Store

• Audio recordings (deleted immediately)
• Participant names or email addresses from calls
• Video from calls
• Chat messages from calls
• Any other meeting content besides transcripts

Your Responsibility

You are solely responsible for obtaining necessary consents before transcribing calls. See our Terms of Service for details on call transcription legal obligations.

Call Transcripts

• Text transcripts are sent to Anthropic's Claude AI
• AI extracts contact names, companies, deal values, close dates, sentiment, and insights
• Extracted data is saved to your CRM
• Original transcript remains in your account

Pasted Emails

• When you paste email content, it is sent to Anthropic's Claude AI
• AI extracts contact information, deal details, and key insights
• Extracted data is saved to your CRM
• Email text is processed and deleted by Anthropic within 30 days

AI Data Usage

• Anthropic does not use your data to train AI models (per their commercial terms)
• Data is processed solely to provide the extraction service
• Anthropic retains data for 30 days for abuse monitoring, then permanently deletes it

AI Accuracy

AI extractions may contain errors. You should verify all AI-generated content before relying on it. See our Terms of Service for full AI disclaimers.

Account Data

• Stored while your account is active
• Deleted within 30 days after you delete your account

Call Transcripts and CRM Data

• Stored while your account is active
• Automatically deleted 90 days after the call/meeting occurred
• You can manually delete data anytime

Aggregated Analytics

• Total usage statistics (e.g., total calls transcribed across all users, total hours saved)
• Anonymized and cannot be linked to individual users or meetings
• Retained indefinitely for service improvement

Payment Data

• Stored by Stripe per their retention policies (typically 7 years for tax compliance)
• We do not store full credit card details

Backup Data

• Backups are maintained for disaster recovery
• Backups are deleted on the same schedule as primary data

After Account Deletion

• All personal data is permanently deleted within 30 days
• Backups are purged within 90 days
• Aggregated anonymous analytics may be retained (not linked to you)

Right to Access (Article 15)

You can request a copy of all personal data we hold about you.

Right to Rectification (Article 16)

You can correct inaccurate or incomplete personal data.

Right to Erasure (Article 17)

You can request deletion of your personal data (“right to be forgotten”).

Right to Restriction of Processing (Article 18)

You can request we limit how we use your data.

Right to Data Portability (Article 20)

You can receive your data in a machine-readable format (CSV) to transfer to another service.

Right to Object (Article 21)

You can object to processing based on legitimate interests.

Right to Withdraw Consent (Article 7)

You can withdraw consent for call transcription or email processing at any time by stopping use of those features.

Right to Complain

You can lodge a complaint with the UK Information Commissioner's Office (ICO):

• Website: https://ico.org.uk/make-a-complaint/
• Phone: 0303 123 1113
• Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Request Data Access

Email us with “Data Access Request” in the subject line. We will provide a copy of your data within 30 days.

Request Data Export

Email us with “Data Export Request” in the subject line. We will provide your CRM data in CSV format within 30 days.

Request Data Deletion

Email us with “Delete My Account” in the subject line. We will permanently delete your account and all data within 30 days.

Update Your Data

You can update most data directly in the SalesGuard application (contacts, deals, notes). For account information changes, email us.

Verification

We may ask you to verify your identity before processing data requests to protect your privacy.

Response Time

We will respond to all requests within 30 days. For complex requests, we may extend this by an additional 60 days and will notify you if we do so.

Technical Measures

• Encryption at rest and in transit (HTTPS/TLS)
• Secure authentication (encrypted passwords, session tokens)
• Row-level security in database (users can only access their own data)
• Regular security updates and patches
• Automated backups for disaster recovery

Organizational Measures

• Access controls (limited personnel have access to user data)
• Data processing agreements with all third-party processors
• Regular security reviews
• Incident response procedures

Third-Party Security

We use industry-leading service providers (Supabase, Deepgram, Anthropic, Stripe) with strong security practices and certifications (SOC 2, ISO 27001, etc.).

Limitations

While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security. In the event of a data breach, we will notify affected users and the ICO as required by law.

You acknowledge that use of cloud services involves inherent security risks.

Where Your Data is Stored

Your data is processed and stored primarily in the United States by our third-party service providers (Deepgram, Anthropic, Supabase, Stripe, Vercel).

Legal Basis for Transfers

Data transfers from the UK to the United States are made under:

• Standard Contractual Clauses (SCCs) approved by the UK ICO
• Data Processing Agreements with all third-party processors
• Processors' compliance with US-EU Data Privacy Framework (where applicable)

Your Consent

By using SalesGuard, you consent to your data being transferred to and processed in the United States and other jurisdictions where our service providers operate.

Safeguards

All third-party processors have committed to protecting your data in accordance with UK GDPR standards through their data processing agreements and security certifications.

Essential Cookies

• Authentication cookies (to keep you logged in)
• Session cookies (to maintain your session)
• These are necessary for the service to function

Analytics Cookies

We do not currently use analytics cookies or third-party tracking.

Your Choices

Essential cookies cannot be disabled as they are necessary for the service to work. If we add analytics in the future, we will update this policy and provide opt-out options.

What We Will Do

If we discover a data breach that poses a risk to your rights and freedoms:

• We will notify the ICO within 72 hours of discovery
• We will notify affected users without undue delay
• We will explain what happened, what data was affected, and what steps we're taking

What You Should Do

If you are notified of a breach:

• Change your SalesGuard password immediately
• Monitor your accounts for suspicious activity
• Enable two-factor authentication if available
• Contact us if you have questions or concerns

Our Commitment

We have documented incident response procedures and regularly review our security practices to prevent breaches.

Notification of Changes

For material changes that significantly affect how we handle your data:

• We will notify you via email at least 14 days before the changes take effect
• The updated policy will be posted on this page with a new “Last Updated” date
• Continued use of SalesGuard after changes take effect constitutes acceptance

Minor Changes

For minor updates (typo corrections, clarifications that don't change meaning):

• We will update the “Last Updated” date
• No email notification required

Review Regularly

We recommend reviewing this Privacy Policy periodically to stay informed about how we protect your data.

Email

support@salesguardapp.com

Response Time

We will respond within 48 hours on business days.

Data Protection Officer

For UK GDPR inquiries, contact support@salesguardapp.com (we will respond or forward to appropriate personnel).

ICO Contact

If you are not satisfied with our response, you can contact the Information Commissioner's Office:

• Website: https://ico.org.uk/make-a-complaint/
• Phone: 0303 123 1113